Spammers are impersonating well-known Android software developers in order to distribute rogue apps through the official Android Market.
Security researchers from antivirus firm Trend Micro have identified a developer named Rovio MobiIe Ltd. in the Android Market, which had a significant number of rogue applications in its portfolio.
Some users might immediately recognize Rovio Mobile as the name of the company behind one of the world’s most popular mobile games — “Angry Birds.”
However, in this case, the letter “l” from the original developer’s name was replaced with a capital “i,” which has a nearly identical visual representation under some fonts.
The apps distributed by Rovio MobiIe, with the capital “I”, through the Android Market were fake copies of legitimate applications that directed users to spam websites.
While these apps are not as dangerous as the premium-rate SMS Trojans distributed from unofficial app stores, they are still malicious in nature and are created to deceive users.
Last week, Google revealed a service called Bouncer, which automatically scans the Android Market for malicious apps. The scanner is capable of executing apps in a virtual environment in order to monitor their behavior, but it doesn’t seem to have caught the rogue ones found by Trend Micro.
This is probably because displaying links and opening Web pages is common behavior for legitimate applications as well. “We expect that more cybercriminals will continue with this method, so it is very important for users to be informed of how they can avoid being victimized,” Trend Micro threats analyst Kervin Alintanahin said in a blog post on Tuesday.
Installing only apps distributed through the Android Market is not enough to ensure one’s protection. Users should also read an application’s reviews and carefully consider its permissions before deciding to install it on their devices.